<?php

namespace app\command;

use think\console\Command;
use think\console\Input;
use think\console\Output;

class JiaMi extends Command
{
    protected function configure()
    {
        // 指令配置
        $this->setName('jiami');
        // 设置参数
        
    }

    /**
     * 生成公私钥数据
     */
    protected  function createPublicPrivateKey()
    {
        //生成密钥
        $config = array(
            "digest_alg"=>"sha512",
            "private_key_bits"=>2048,
            "private_key_type"=>OPENSSL_KEYTYPE_RSA
        );

        //创建密钥对
        $res = openssl_pkey_new($config);

        $dir ="公私钥/";
        file_exists($dir) or mkdir($dir,0777,true);

        //生成私钥
        openssl_pkey_export($res, $privKey);
        file_put_contents("公私钥/private.pem", $privKey);
        //生成公钥
        $pubKey = openssl_pkey_get_details($res)['key'];
        file_put_contents("公私钥/public.pem", $pubKey);

    }


    //rsa的公私钥加密和解密
    protected function rsaPublicPrivateJiaJieMi()
    {
        //公钥加密
        $pubKey = file_get_contents('公私钥/public.pem');

        //返回资源型对象
        $pubKey = openssl_get_publickey($pubKey);
        //对数据 abcdefg 进行加密,$crypted 是二进制数据
        $data = "abcdefg";
        openssl_public_encrypt($data,$crypted,$pubKey,OPENSSL_PKCS1_PADDING);
        $crypted = base64_encode($crypted);
        echo "对数据{$data}进行rsa加密并进行base64编码结果:".PHP_EOL."{$crypted}".PHP_EOL;

        //私钥解密
        $privKey = file_get_contents('公私钥/private.pem');

        //返回资源型的
        $privKey = openssl_pkey_get_private($privKey);

        $crypted = base64_decode($crypted);

        openssl_private_decrypt($crypted,$decrypted,$privKey,OPENSSL_PKCS1_PADDING);
        echo "根据rsa解密得出的数据结果:".PHP_EOL.$decrypted.PHP_EOL;

    }

    //证书的生成
    protected function createCert()
    {
        $dn = array(
            "countryName" => "GB",
            "stateOrProvinceName"=>"Somerset",
            "localityName"=>"Glastonbury",
            "organizationName"=>"Somerset",
            "organizationalUnitName"=>"Common",
            "commonName"=>"Glastonbury",
            "emailAddress"=>"glastonbury@somerset.com"
        );

        $config = array(
            "digest_alg"=>"sha512",
            "private_key_bits"=>2048,
            "private_key_type"=>OPENSSL_KEYTYPE_RSA
        );

        //创建密钥对
        $res = openssl_pkey_new($config);

        //证书
        $csr = openssl_csr_new($dn, $res);

        //证书签名
        $usercert = openssl_csr_sign($csr, null, $res,365);

        //导出证书公钥
        openssl_x509_export($usercert, $pubKey);

        $dir = "证书生成/";
        file_exists($dir) or mkdir($dir, 0777, true);
        //存储证书公钥
        file_put_contents("证书生成/csr.public.cert", $pubKey);

        //导出证书私钥
        openssl_pkcs12_export($usercert, $privKey,$res,'123456');
        file_put_contents("证书生成/csr.private.pfx", $privKey);
    }

    //证书的加密和解密
    protected function certJiaJieMi()
    {
        //加密
        $pubkey = file_get_contents('证书生成/csr.public.cert');
        $pubkey = openssl_x509_read($pubkey);

        //对数据abcdefg进行证书加密
        $data = "abcdefghijklmn";
        openssl_public_encrypt($data,$crypted,$pubkey,OPENSSL_PKCS1_PADDING);
        $crypted = base64_encode($crypted);
        echo "对数据{$data}进行证书加密并进行base64编码结果:".PHP_EOL."{$crypted}".PHP_EOL;

        //解密
        $private = file_get_contents('证书生成/csr.private.pfx');
        $data = base64_decode($crypted);
        openssl_pkcs12_read($private,$priKey,"123456");
        openssl_private_decrypt($data,$decrypted,$priKey['pkey'],OPENSSL_PKCS1_PADDING);
        echo "根据证书解密得出的数据结果:".PHP_EOL.$decrypted.PHP_EOL;

    }

    //私钥签名，公钥验签
    protected function pubkeyPrivateYanSign()
    {
        //用私钥签名
        //获取私钥
        $privKey = file_get_contents('公私钥/private.pem');
        //返回资源型的
        $privKey = openssl_pkey_get_private($privKey);
        $data = "abcdefghijklmnop";
        openssl_sign($data,$sign,$privKey,OPENSSL_PKCS1_PADDING);
        $sign = base64_encode($sign);
        echo "用私钥签名，签名结果:".$sign.PHP_EOL;

        $pubkey = openssl_pkey_get_public(file_get_contents("公私钥/public.pem"));
        $sign = base64_decode($sign);
        $res = openssl_verify($data,$sign,$pubkey,OPENSSL_ALGO_SHA1);
        echo "使用公钥验签，验签结果:$res".PHP_EOL;
    }

    //md5签名和验签
    protected function md5SignAndVerify()
    {
        $data = [
          'age'=>11,
          'stamp'=>time(),
          'username'=>'张三'
        ];

        ksort($data);
        $str = http_build_query($data);
        $sign = md5($str);
        echo $sign.PHP_EOL;

        $check_sign = md5($str);
        echo $check_sign.PHP_EOL;
    }

    protected function execute(Input $input, Output $output)
    {
        //生成公私钥数据
//    	$this->createPublicPrivateKey();

        //rsa的公私钥加密和解密
//        $this->rsaPublicPrivateJiaJieMi();

        //证书生成
//        $this->createCert();
        //证书加解密
//        $this->certJiaJieMi();

        //私钥签名，公钥验签
        //$this->pubkeyPrivateYanSign();

        //md5签名和验签
        $this->md5SignAndVerify();

    }
}
